Vulnerabilities in CRUDLab

8 results

CVE-2025-23938HIGHWordPress Image Gallery Box by CRUDLab Plugin <= 1.0.3 - Local File Inclusion vulnerabilityEPSS 0.8%CVE-2023-32965HIGHWordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2025-23814HIGHWordPress CRUDLab Like Box Plugin <= 2.0.9 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2023-47820MEDIUMWordPress WP Like Button plugin <= 1.7.0 - Broken Access Control vulnerabilityEPSS 0.3%CVE-2025-22774HIGHWordPress CRUDLab Scroll to Top Plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2023-32966MEDIUMWordPress Jazz Popups Plugin <= 1.8.7 is vulnerable to Cross Site Request Forgery (CSRF) leading to Stored XSSEPSS 0.2%CVE-2023-40199MEDIUMWordPress WP Like Button Plugin <= 1.7.0 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.2%CVE-2024-54399HIGHWordPress CRUDLab Google Plus Button plugin <= 1.0.2 - CSRF to Stored XSS vulnerabilityEPSS 0.2%